1. Technical Field
Embodiments of the present invention relate generally to a method and apparatus for preventing the illegitimate outflow of an electronic document and, more particularly, to a method and apparatus that are capable of, when the illegitimate outflow of an electronic document is attempted, determining whether the electronic document is illegitimately leaked using an authentication process and then preventing the illegitimate outflow of the electronic document via electronic document self-response (or self-extinction) and illegitimate outflow source tracking.
2. Description of the Related Art
With the development of technologies by companies, the illegitimate outflow of advanced industrial technologies continues to increase.
The illegitimate outflow of technology is chiefly performed by an intelligent hacking scheme or an insider who cleverly makes use of the drawbacks of an existing security system. Accordingly, there is a need for technology for preventing the illegitimate outflow of electronic documents.
Information protection technologies, such as digital rights management (DRM) and data loss prevention (DLP), have been proposed and developed as technologies for preventing the illegitimate outflow of electronic documents.
It is however not easy to completely take measures against the illegitimate outflow of an electronic document because a hacking scheme continues to become increasingly intelligent and an insider cleverly performs the illegitimate outflow of an electronic document.
In particular, existing methods are chiefly intended to protect a system in which information is stored from a threat or to simply encrypt, store, and manage data to be protected, and thus have a limitation in terms of a perfect response when the illegitimate outflow of an electronic document to be protected is attempted.
A related art is disclosed in a paper entitled “Secure Knowledge Management for Prevent illegal data leakage by Internal users” published in No. 2 of Vol. 11 of Korean Society For Internet Information in April of 2010. In this paper, explicit authentication is performed on an internal user, data is provided based on the explicit authentication, and the illegitimate outflow of data by an internal user is prevented using 2MAC.
As another related art, Korean Patent Application Publication No. 2008-0029602 entitled “Method and Apparatus for Preventing Illegitimate outflow of Confidential Information” discloses a technology in which the illegitimate outflow of a confidential document is prevented using machine learning (based on a language) and finger printing (not based on a language) in a system for preventing the illegitimate outflow of confidential document.